378 matches found
RLSA-2025:1917 Important: emacs security update
GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme CVE-2025-1244 For...
RLSA-2024:6987 Moderate: emacs security update
GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Gnus treats inline MIME contents as trusted CVE-2024-30203 emacs: Org mode considers...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.6 Vulnerability Details CVEID:CVE-2024-2398 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by a memory le...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-30203 DESCRIPTION: GNU Emacs could provide weaker than expected security,...
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Watson AIOps version 4.2.0 Vulnerability Details CVEID:CVE-2023-24539 DESCRIPTION: Go is vulnerable to HTML injection. A remote attacker could inject malicious HTML code into a template containing multiple actions separated by a...
CBL Mariner 2.0 Security Update: emacs (CVE-2024-53920)
The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53920 advisory. - In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code...
Linux Distros Unpatched Vulnerability : CVE-2022-48337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system ...
Linux Distros Unpatched Vulnerability : CVE-2022-45939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system ...
Linux Distros Unpatched Vulnerability : CVE-2022-48338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The...
Important: Red Hat Security Advisory: emacs security update
An update for emacs is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...
Linux Distros Unpatched Vulnerability : CVE-2017-14482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted Content- Type: text/enriched data containing an x-display XML...
Linux Distros Unpatched Vulnerability : CVE-2014-3422
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under...
Linux Distros Unpatched Vulnerability : CVE-2017-1000383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Emacs version 25.3.1 and other versions most likely ignores umask when creating a backup save file ORIGINALFILENAME resulting in files that may be world...
Linux Distros Unpatched Vulnerability : CVE-2014-3424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp. temporary file...
Important: Red Hat Security Advisory: emacs security update
An update for emacs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...
Important: Red Hat Security Advisory: emacs security update
An update for emacs is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: emacs security update
An update for emacs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect...